CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47573
https://notcve.org/view.php?id=CVE-2024-47573
14 Mar 2025 — An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image. • https://fortiguard.fortinet.com/psirt/FG-IR-23-461 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-48790
https://notcve.org/view.php?id=CVE-2023-48790
11 Mar 2025 — A cross site request forgery vulnerability [CWE-352] in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-353 • CWE-352: Cross-Site Request Forgery (CSRF) •